71.6.158.166 - IPInfo

Basic Info

City: San Diego

Region: California

Country: United States

Internet Service Provider: CARInet Inc.

Hostname: unknown

Organization: CariNet, Inc.

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
botsattack	hacking	2024-02-23 13:48:47
attack	connect from ninja.census.shodan.io[71.6.158.166] all over the postfix logs.	2020-10-06 04:51:09
attack	connect from ninja.census.shodan.io[71.6.158.166] all over the postfix logs.	2020-10-05 20:53:55
attackspambots	Automatic report - Banned IP Access	2020-10-05 12:42:50
attackbots	TCP (SYN) 71.6.158.166:20041 -> port 22, len 44	2020-09-23 00:01:51
attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 58 - port: 1599 proto: tcp cat: Misc Attackbytes: 60	2020-09-22 16:05:12
attack	Icarus honeypot on github	2020-09-22 08:08:23
attackspambots	" "	2020-08-23 20:46:15
attackspam	Telnet Server BruteForce Attack	2020-08-23 17:04:07
attackbotsspam	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 8069 [T]	2020-08-16 20:10:26
attackspambots	port	2020-08-14 18:34:00
attackspam	Scanned 1 times in the last 24 hours on port 21	2020-08-11 08:53:53
attackspambots	UDP 71.6.158.166:21934 -> port 47808, len 45	2020-08-03 21:43:41
attackspam	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 5007	2020-07-29 14:02:03
attackspam	Jul 21 17:49:44 debian-2gb-nbg1-2 kernel: \[17605118.331840\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=71.6.158.166 DST=195.201.40.59 LEN=44 TOS=0x10 PREC=0x00 TTL=110 ID=29494 PROTO=TCP SPT=19330 DPT=4242 WINDOW=39658 RES=0x00 SYN URGP=0	2020-07-22 00:13:18
attackbotsspam	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 2762	2020-07-21 14:13:59
attack	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 9000	2020-07-13 15:53:24
attackbots	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 902	2020-07-11 04:20:03
attackbots	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 9595	2020-07-07 03:15:20
attackspam	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 4443	2020-06-10 17:31:35
attack	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 2121	2020-06-08 17:56:15
attackbotsspam	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 8112 [T]	2020-06-07 22:13:41
attackbots	4840/tcp 2379/tcp 1521/tcp... [2020-03-31/06-01]324pkt,180pt.(tcp),22pt.(udp)	2020-06-01 17:32:28
attack	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 873	2020-06-01 00:15:44
attackbots	TCP (SYN) 71.6.158.166:29011 -> port 8090, len 44	2020-05-26 11:38:00
attackbots	Fail2Ban Ban Triggered	2020-05-11 06:53:44
attack	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 8500	2020-05-10 21:10:28
attackspam	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 10250	2020-05-07 03:37:02
attack	[portscan] tcp/81 [alter-web/web-proxy] in blocklist.de:'listed [bruteforcelogin]' *(RWIN=38362)(04261133)	2020-04-26 18:52:16
attack	[Tue Apr 21 10:24:18 2020] - DDoS Attack From IP: 71.6.158.166 Port: 18020	2020-04-23 19:28:13

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 71.6.158.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12836
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;71.6.158.166.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032901 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Mar 30 10:36:05 +08 2019
;; MSG SIZE  rcvd: 116

Host info

166.158.6.71.in-addr.arpa domain name pointer ninja.census.shodan.io.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
166.158.6.71.in-addr.arpa	name = ninja.census.shodan.io.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
86.238.99.115	attack	Invalid user castis from 86.238.99.115 port 34582	2019-06-29 06:50:55
138.68.146.186	attack	Jun 28 22:05:11 MK-Soft-VM7 sshd\[24065\]: Invalid user usuario from 138.68.146.186 port 50280 Jun 28 22:05:11 MK-Soft-VM7 sshd\[24065\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.146.186 Jun 28 22:05:13 MK-Soft-VM7 sshd\[24065\]: Failed password for invalid user usuario from 138.68.146.186 port 50280 ssh2 ...	2019-06-29 06:46:02
103.76.46.98	attackbotsspam	19/6/28@09:32:36: FAIL: IoT-Telnet address from=103.76.46.98 ...	2019-06-29 07:00:18
94.176.77.67	attackbots	(Jun 28) LEN=40 TTL=244 ID=24775 DF TCP DPT=23 WINDOW=14600 SYN (Jun 28) LEN=40 TTL=244 ID=52233 DF TCP DPT=23 WINDOW=14600 SYN (Jun 28) LEN=40 TTL=244 ID=4919 DF TCP DPT=23 WINDOW=14600 SYN (Jun 28) LEN=40 TTL=244 ID=30493 DF TCP DPT=23 WINDOW=14600 SYN (Jun 28) LEN=40 TTL=244 ID=10708 DF TCP DPT=23 WINDOW=14600 SYN (Jun 28) LEN=40 TTL=244 ID=13327 DF TCP DPT=23 WINDOW=14600 SYN (Jun 28) LEN=40 TTL=244 ID=30584 DF TCP DPT=23 WINDOW=14600 SYN (Jun 27) LEN=40 TTL=244 ID=53453 DF TCP DPT=23 WINDOW=14600 SYN (Jun 27) LEN=40 TTL=244 ID=9733 DF TCP DPT=23 WINDOW=14600 SYN (Jun 27) LEN=40 TTL=244 ID=41805 DF TCP DPT=23 WINDOW=14600 SYN (Jun 27) LEN=40 TTL=244 ID=53615 DF TCP DPT=23 WINDOW=14600 SYN (Jun 27) LEN=40 TTL=244 ID=2510 DF TCP DPT=23 WINDOW=14600 SYN (Jun 27) LEN=40 TTL=244 ID=10102 DF TCP DPT=23 WINDOW=14600 SYN (Jun 27) LEN=40 TTL=244 ID=1478 DF TCP DPT=23 WINDOW=14600 SYN (Jun 27) LEN=40 TTL=244 ID=6805 DF TCP DPT=23 WINDOW=14600 SYN ...	2019-06-29 06:51:30
190.203.244.207	attackspambots	Unauthorized connection attempt from IP address 190.203.244.207 on Port 445(SMB)	2019-06-29 07:12:27
182.156.213.183	attack	web-1 [ssh] SSH Attack	2019-06-29 06:42:35
81.211.37.170	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-06-29 06:34:58
118.122.102.74	attack	SMB Server BruteForce Attack	2019-06-29 06:58:52
139.59.74.143	attackbotsspam	Jun 29 00:46:00 vmd17057 sshd\[5625\]: Invalid user nagios from 139.59.74.143 port 46988 Jun 29 00:46:00 vmd17057 sshd\[5625\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.74.143 Jun 29 00:46:03 vmd17057 sshd\[5625\]: Failed password for invalid user nagios from 139.59.74.143 port 46988 ssh2 ...	2019-06-29 06:57:50
201.248.70.122	attack	Unauthorized connection attempt from IP address 201.248.70.122 on Port 445(SMB)	2019-06-29 07:11:47
129.213.145.85	attack	Invalid user ryan from 129.213.145.85 port 24948	2019-06-29 06:43:32
91.121.110.97	attackspam	SSH-BruteForce	2019-06-29 07:06:57
124.123.163.21	attackbots	Unauthorized connection attempt from IP address 124.123.163.21 on Port 445(SMB)	2019-06-29 07:16:18
182.106.207.51	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-06-29 06:34:03
144.139.104.45	attack	CloudCIX Reconnaissance Scan Detected, PTR: watson159.lnk.telstra.net.	2019-06-29 06:50:39

Recently Reported IPs

186.31.37.205	190.74.191.28	218.92.1.130	196.223.152.58
5.188.45.22	162.243.144.247	46.4.49.150	103.26.57.255
223.223.186.98	198.0.6.214	189.236.86.118	185.211.245.157
162.243.146.37	35.240.227.214	219.90.67.238	189.86.225.54
200.143.112.126	54.37.138.172	206.189.175.19	89.223.22.64